what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 28 RSS Feed

Files Date: 2024-07-15 to 2024-07-16

Geoserver Unauthenticated Remote Code Execution
Posted Jul 15, 2024
Authored by jheysel-r7, h00die-gr3y, Steve Ikeoka | Site metasploit.com

GeoServer is an open-source software server written in Java that provides the ability to view, edit, and share geospatial data. It is designed to be a flexible, efficient solution for distributing geospatial data from a variety of sources such as Geographic Information System (GIS) databases, web-based data, and personal datasets. In the GeoServer versions before 2.23.6, greater than or equal to 2.24.0, before 2.24.4 and greater than equal to 2.25.0, and before 2.25.1, multiple OGC request parameters allow remote code execution (RCE) by unauthenticated users through specially crafted input against a default GeoServer installation due to unsafely evaluating property names as XPath expressions. An attacker can abuse this by sending a POST request with a malicious xpath expression to execute arbitrary commands as root on the system.

tags | exploit, java, remote, web, arbitrary, root, code execution
advisories | CVE-2024-36401
SHA-256 | 60f349aa901f9dae2286ae790ca0dc4f7e03fb5120fbbaa6cd6f79d5a14fe921
Ubuntu Security Notice USN-6898-1
Posted Jul 15, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6898-1 - Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer dereference. A local attacker could possibly trigger this vulnerability to cause a denial of service. Gui-Dong Han discovered that the software RAID driver in the Linux kernel contained a race condition, leading to an integer overflow vulnerability. A privileged attacker could possibly use this to cause a denial of service.

tags | advisory, denial of service, overflow, kernel, local
systems | linux, ubuntu
advisories | CVE-2022-38096, CVE-2023-52880, CVE-2024-23307, CVE-2024-24861, CVE-2024-25739, CVE-2024-26642, CVE-2024-26654, CVE-2024-26687, CVE-2024-26812, CVE-2024-26813, CVE-2024-26828, CVE-2024-26923, CVE-2024-26926, CVE-2024-26934
SHA-256 | ee181d7c57544b38471cdfdd8a2ee4fb18baf1502aad94b568edad8babad667d
Ubuntu Security Notice USN-6897-1
Posted Jul 15, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6897-1 - It was discovered that Ghostscript incorrectly handled certain long PDF filter names. An attacker could possibly use this issue to cause Ghostscript to crash, resulting in a denial of service. This issue only affected Ubuntu 22.04 LTS and Ubuntu 24.04 LTS. It was discovered that Ghostscript incorrectly handled certain API parameters. An attacker could possibly use this issue to cause Ghostscript to crash, resulting in a denial of service. This issue only affected Ubuntu 24.04 LTS.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2024-29506, CVE-2024-29507, CVE-2024-29508, CVE-2024-29509, CVE-2024-29511
SHA-256 | 74ece8ebf8813655ea2cfa9de0b310b3f37ade10f60883e4d799c608ba570a98
Red Hat Security Advisory 2024-4549-03
Posted Jul 15, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-4549-03 - An update for ghostscript is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support. Issues addressed include a code execution vulnerability.

tags | advisory, code execution
systems | linux, redhat
advisories | CVE-2024-33871
SHA-256 | 00295addb0cab2b68bc4677d89793f5a17c9cb4a35bf23ea6b33ac246739fd57
Red Hat Security Advisory 2024-4548-03
Posted Jul 15, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-4548-03 - An update for kpatch-patch-5_14_0-284_48_1 is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include code execution and use-after-free vulnerabilities.

tags | advisory, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2024-36886
SHA-256 | 02a7b186977875e0481b94879a9e3ee9a773dfb00ca93400493d8c2128f78bd7
Red Hat Security Advisory 2024-4547-03
Posted Jul 15, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-4547-03 - An update for kpatch-patch-4_18_0-372_91_1 is now available for Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions. Issues addressed include code execution and use-after-free vulnerabilities.

tags | advisory, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2024-36886
SHA-256 | 41b46b9646256aac9fee4111f03d403e16f5a9684a0f9b6ff256200b3bd60ab4
jSQL Injection 0.101
Posted Jul 15, 2024
Authored by ron190 | Site github.com

jSQL Injection is a lightweight application used to find database information from a distant server. jSQL Injection is also part of the official penetration testing distribution Kali Linux and is included in various other distributions like Pentest Box, Parrot Security OS, ArchStrike and BlackArch Linux. This is the source code release.

Changes: Added database vendor blind fingerprinting. Optimized concurrency, shutdown and non-progress threads. Improved vuln report. Warned about missing strategies implementation. Removed Time from Sqlite. Removed Memsql and CockroachDB as clones. Improved clones fingerprinting. Improved Vertica schema query and fix field casting. Fixed Vertica/Postgres fingerprint collision. Improved falsy/truthy lists on Oracle. Improved failsafe on Oracle. Improved modes test order on Blind/Time. Improved characters insertion test order. Added TryHackMe and Burp labs to Scan list.
tags | tool, scanner, sql injection
systems | linux, unix
SHA-256 | 8d0618dafc562012201b160ff1a083e7f59b02a76c7872748bc48ca60ee56147
Red Hat Security Advisory 2024-4546-03
Posted Jul 15, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-4546-03 - An update for git-lfs is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2023-45288
SHA-256 | 0e6c636de4cc67aad433a5c0a280bd43d18883983a61ca03555eb769d95d9b81
Red Hat Security Advisory 2024-4545-03
Posted Jul 15, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-4545-03 - An update for git-lfs is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2023-45288
SHA-256 | aa17979ddfb927fe4ea4bab8daa1223b42630f2b173e6ab94083c5f70d571255
Red Hat Security Advisory 2024-4544-03
Posted Jul 15, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-4544-03 - An update for ghostscript is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Issues addressed include a code execution vulnerability.

tags | advisory, code execution
systems | linux, redhat
advisories | CVE-2024-33871
SHA-256 | d1091ddb4aeeaa1ad53dd1f0177283e5b977062c6c12908434ad4315a415e6f0
Red Hat Security Advisory 2024-4543-03
Posted Jul 15, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-4543-03 - An update for git-lfs is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2023-45288
SHA-256 | 093cd75d2ec185352c439a172bb0b20445e9730be216ec408fc5354b64e3dcdb
Red Hat Security Advisory 2024-4542-03
Posted Jul 15, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-4542-03 - An update for ruby is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include a HTTP response splitting vulnerability.

tags | advisory, web, ruby
systems | linux, redhat
advisories | CVE-2021-33621
SHA-256 | 997ce801d52e1d2f380bd35c336ed1d3f6f38e9f52cdcc51a98793f300b3e7d8
Red Hat Security Advisory 2024-4541-03
Posted Jul 15, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-4541-03 - An update for ghostscript is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include a code execution vulnerability.

tags | advisory, code execution
systems | linux, redhat
advisories | CVE-2024-33871
SHA-256 | 760347553df652be709bc68e1eb9000bf067a3594f2bf61c69cd7ce20f3eec72
Red Hat Security Advisory 2024-4537-03
Posted Jul 15, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-4537-03 - An update for ghostscript is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support. Issues addressed include a code execution vulnerability.

tags | advisory, code execution
systems | linux, redhat
advisories | CVE-2024-33871
SHA-256 | 137bff4e5ce293db3931426fcbeddb6106c1cd70393a1f31f2f9d139ac295841
Red Hat Security Advisory 2024-4533-03
Posted Jul 15, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-4533-03 - An update for kernel is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include code execution and use-after-free vulnerabilities.

tags | advisory, kernel, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2021-47548
SHA-256 | 0ffc9bcf4e7a87eb9e1a8e59599d90812f668148847ee41fda81f2233fc4cb4a
Red Hat Security Advisory 2024-4529-03
Posted Jul 15, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-4529-03 - An update for less is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include a code execution vulnerability.

tags | advisory, code execution
systems | linux, redhat
advisories | CVE-2024-32487
SHA-256 | 4aa28e7ecffb8685baf52db8cb385dad021d7d02f30c0c2d93f4141adfbd0e14
Red Hat Security Advisory 2024-4528-03
Posted Jul 15, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-4528-03 - An update for less is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Issues addressed include a code execution vulnerability.

tags | advisory, code execution
systems | linux, redhat
advisories | CVE-2024-32487
SHA-256 | cda95121aa90c73362dd19c95244909faf8b940e3e746bf8bba0205525ac0356
Red Hat Security Advisory 2024-4527-03
Posted Jul 15, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-4527-03 - An update for ghostscript is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addressed include a code execution vulnerability.

tags | advisory, code execution
systems | linux, redhat
advisories | CVE-2024-33871
SHA-256 | a724074671111a94fe21b3ebeb61518fcbff2bdba7efab9f5cda9cd66cbc5c04
Red Hat Security Advisory 2024-4517-03
Posted Jul 15, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-4517-03 - An update for firefox is now available for Red Hat Enterprise Linux 8.

tags | advisory
systems | linux, redhat
advisories | CVE-2024-6601
SHA-256 | 1035808e12842bca7f0b6b69696a96df2d5674352133a5f6d9421b4802b60477
Red Hat Security Advisory 2024-4508-03
Posted Jul 15, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-4508-03 - An update for firefox is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support.

tags | advisory
systems | linux, redhat
advisories | CVE-2024-6601
SHA-256 | 45bd50249b04b963034e082c8d81c17a7bee756a97941fa8b911574f07f44169
Red Hat Security Advisory 2024-4502-03
Posted Jul 15, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-4502-03 - An update for skopeo is now available for Red Hat Enterprise Linux 9. Issues addressed include a memory leak vulnerability.

tags | advisory, memory leak
systems | linux, redhat
advisories | CVE-2024-1394
SHA-256 | a94afecca63f546aec9181f9000dce8011dd5339615a7f14e45bbc62f97ba524
Red Hat Security Advisory 2024-4501-03
Posted Jul 15, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-4501-03 - An update for firefox is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions.

tags | advisory
systems | linux, redhat
advisories | CVE-2024-6601
SHA-256 | 0c596bbbcb5a1088f0e5ce2a90379eee58d1c211e895b0db0ee63e2d7a8b2f52
Red Hat Security Advisory 2024-4500-03
Posted Jul 15, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-4500-03 - An update for firefox is now available for Red Hat Enterprise Linux 9.

tags | advisory
systems | linux, redhat
advisories | CVE-2024-6601
SHA-256 | 56413b8610dc0dad2e8551fbf4bc7cda8c9684fcd1a2d5c6ea4b52069b5818e3
Red Hat Security Advisory 2024-4326-03
Posted Jul 15, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-4326-03 - An update is now available for Red Hat build of Quarkus. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2024-29857
SHA-256 | f806911ed87b07a4e916c87e592f8bee2e424c9b36bb8d5171f6f3a67cd2c837
Red Hat Security Advisory 2024-2106-03
Posted Jul 15, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-2106-03 - An update is now available for Red Hat build of Quarkus.

tags | advisory
systems | linux, redhat
advisories | CVE-2024-2700
SHA-256 | d210e27e70cd09638d510743a91f2b8bd003b40bde80b11351858951d4ce96bc
Page 1 of 2
Back12Next

File Archive:

October 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    39 Files
  • 2
    Oct 2nd
    23 Files
  • 3
    Oct 3rd
    18 Files
  • 4
    Oct 4th
    20 Files
  • 5
    Oct 5th
    0 Files
  • 6
    Oct 6th
    0 Files
  • 7
    Oct 7th
    17 Files
  • 8
    Oct 8th
    66 Files
  • 9
    Oct 9th
    25 Files
  • 10
    Oct 10th
    20 Files
  • 11
    Oct 11th
    21 Files
  • 12
    Oct 12th
    0 Files
  • 13
    Oct 13th
    0 Files
  • 14
    Oct 14th
    14 Files
  • 15
    Oct 15th
    49 Files
  • 16
    Oct 16th
    28 Files
  • 17
    Oct 17th
    23 Files
  • 18
    Oct 18th
    10 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    5 Files
  • 22
    Oct 22nd
    12 Files
  • 23
    Oct 23rd
    23 Files
  • 24
    Oct 24th
    8 Files
  • 25
    Oct 25th
    10 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    7 Files
  • 29
    Oct 29th
    17 Files
  • 30
    Oct 30th
    39 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close